PT-2020-11913 · Gitlab · Gitlab
Cristian Berner · Published 2020-03-13 · Updated 2024-03-06
CVE-2020-10088
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
GitLab versions 12.5 through 12.8.1
Description
The issue concerns Insecure Permissions in GitLab. Depending on particular group settings, it was possible for invited groups to be given the incorrect permission level.
Recommendations
For GitLab versions 12.5 through 12.8.1, update to a version that contains a fix for this issue to ensure correct permission levels for invited groups.
Fix
Improper Privilege Management
Weakness Enumeration
Related Identifiers
Affected Products
Gitlab